package com.ming.springboot.security;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;

import javax.servlet.http.HttpServletRequest;
import java.util.HashSet;
import java.util.Set;

/**
 * Created by mqsi on 2022/5/24 17:33
 */
@Component
public class RbacAuthorityService {
	public boolean hasPermission(HttpServletRequest request, Authentication authentication){
		Object userInfo = authentication.getPrincipal();
		if (userInfo instanceof UserDetails){
			boolean hasPermission = false;
			Set<String> urls = new HashSet<>();
			urls.add("/student/**");
			AntPathMatcher antPathMatcher = new AntPathMatcher();
			for (String url: urls){
				if (antPathMatcher.match(url, request.getRequestURI())) {
					hasPermission = true;
					break;
				}
			}
			return hasPermission;
		} else{
			return false;
		}
	}
}
